RockyLinux 8 : cloud-init (RLSA-2025:11324)

The remote RockyLinux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2025:11324 advisory. cloud-init: Cloud init permissions flaw CVE-2024-6174 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note...

cloud-init security update

An update is available for cloud-init. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cloud-init packages provide a set of init scripts for cloud instances...

cloud-init bug fix and enhancement update

An update is available for cloud-init. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...

RLSA-2025:11324 Important: cloud-init security update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Security Fixes: cloud-init: Cloud init permissions flaw CVE-2024-6174 For more...

Astra Linux - уязвимость в cloud-init

In cloud-init through 25.1.2, the systemd socket unit cloud-init-hotplugd.socket is included, with a default SocketMode of 0666, allowing world-write permissions. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. A non-privileged user can trigger hotplug-hook commands...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cloud-init (SUSE-SU-2026:1980-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1980-1 advisory. - Update to version 25.1.3 bsc1245403, CVE-2024-11584, CVE-2024-6174 - Update to version 25.1.1...

Security update for cloud-init

This update for cloud-init fixes the following issues: Update to version 25.1.3 bsc1245403, CVE-2024-11584, CVE-2024-6174 Update to version 25.1.1 bsc1239715, jscPED-8680, bsc1228414, bsc1237764 Make sure a directory exists, if not create it, before writing in that location bsc1236720 rsyslog...

SUSE-SU-2026:1980-1 Security update for cloud-init

This update for cloud-init fixes the following issues: - Update to version 25.1.3 bsc1245403, CVE-2024-11584, CVE-2024-6174 - Update to version 25.1.1 bsc1239715, jscPED-8680, bsc1228414, bsc1237764 - Make sure a directory exists, if not create it, before writing in that location bsc1236720 -...

CLSA-2026-1779098063 cloud-init: Fix of CVE-2024-11584

CVE-2024-11584: fix systemd socket unit permission vulnerability to prevent unprivileged user from triggering hotplug-hook commands...

Astra Linux - уязвимость в cloud-init

Sensitive data may have been exposed in cloud-init logs that are readable to the world before version 22.3, when schema failures were reported. This leakage could involve hashed passwords...

NewStart CGSL MAIN 6.06 (SP) : cloud-init Multiple Vulnerabilities (NS-SA-2026-0026)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has cloud-init packages installed that are affected by multiple vulnerabilities: - The default cloud-init configuration, in cloud-init 0.6.2 and newer, included sshdeletekeys: 0, disabling cloud-init's deletion of ssh host keys. In some...

SUSE-RU-2026:20677-1 Recommended update for open-vm-tools

This update for open-vm-tools fixes the following issues: - update to 13.0.10 based on build 25056151 boo1257357: There are no new features in the open-vm-tools 13.0.10 release. This is primarily a maintenance release that addresses a fix. A minor enhancement has been made for Guest OS...

SUSE SLES16 : Recommended update for cloud-init (SUSE-SU-SUSE-RU-2026:20192-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-RU-2026:20192-1 advisory. Changes in cloud-init: - Fix dependency replace -serial with -pyserial - Drop unneeded test dependency on httpretty, fixed...

openSUSE 16 : Recommended update for cloud-init (SUSE-SU-openSUSE-RU-2026:20129-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-openSUSE-RU-2026:20129-1 advisory. Changes in cloud-init: - Fix dependency replace -serial with -pyserial - Drop unneeded test dependency on httpretty, fixed long ago...

OPENSUSE-RU-2026:20129-1 Recommended update for cloud-init

This update for cloud-init fixes the following issues: Changes in cloud-init: - Fix dependency replace -serial with -pyserial - Drop unneeded test dependency on httpretty, fixed long ago https://github.com/canonical/cloud-init/pull/1720 - Update to version 25.1.3 bsc1245401 , CVE-2024-6174,...

SUSE-RU-2026:20192-1 Recommended update for cloud-init

This update for cloud-init fixes the following issues: Changes in cloud-init: - Fix dependency replace -serial with -pyserial - Drop unneeded test dependency on httpretty, fixed long ago https://github.com/canonical/cloud-init/pull/1720 - Update to version 25.1.3 bsc1245401 , CVE-2024-6174,...

SUSE-RU-2026:20174-1 Recommended update for cloud-init

This update for cloud-init fixes the following issues: Changes in cloud-init: - Fix dependency replace -serial with -pyserial - Drop unneeded test dependency on httpretty, fixed long ago https://github.com/canonical/cloud-init/pull/1720 - Update to version 25.1.3 bsc1245401 , CVE-2024-6174,...

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Fortinet has officially confirmed that it's working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls. "In the last 24 hours, we have identified a number of cases where the exploit was to a device th...

MiracleLinux 9 : cloud-init-23.1.1-11.el9.ML.1 (AXSA:2023-7004:08)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7004:08 advisory. cloud-init: sensitive data could be exposed in logs CVE-2023-1786 Tenable has extracted the preceding description block directly from the MiracleLinux securi...

MiracleLinux 8 : cloud-init-19.4-1.el8.7 (AXSA:2020-635:05)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-635:05 advisory. cloud-init: default configuration disabled deletion of SSH host keys CVE-2018-10896 The default cloud-init configuration, in cloud-init 0.6.2 and newer,...